Typical computer systems, especially computer systems using graphical user interfaces (“GUIs”), are optimized for accepting user input from one or more discrete input devices, such as a keyboard for entering text and a pointing device, such as a mouse with one or more buttons, for operating the user interface. An example of such a GUI is the user interface for the Windows® computer operating system (available from Microsoft Corporation of Redmond, Wash.). The ubiquitous keyboard and mouse interface provides for fast creation and modification of documents, spreadsheets, database fields, drawings, photos, web pages, emails, and the like.
Recently, however, pen-based computing systems, such as tablet personal computers (“tablet PCs”), personal digital assistants (“PDAs”), and the like, have been increasing in popularity. With pen-based computing systems, user input advantageously may be introduced as “electronic ink” using an electronic “pen” or stylus (e.g., mimicking writing with a pen or pencil on a piece of paper). Indeed, in at least some pen-based computing systems, all user input is capable of being entered and manipulated using an electronic pen input device, and the user interface is fully controllable using only the electronic pen.
As pen-based computing systems become more popular, many computer activities such as access in a computer system become more difficult to implement. For example, in a computer system in which a user logs into an individualized account or inputs security information to enter a restricted site, a pen-based computer system creates difficulties for the user to conveniently and efficiently maneuver the pen or stylus to accomplish the task.
In a typical computer system, a display is presented to the user containing a field in which the user enters a userid and a field in which the user enters a corresponding password. Typically, a user inputs information via a keyboard. Therefore, if inputting data via a keyboard is problematic (e.g., a keyboard is not available or not conveniently accessible), a user may not be able to input data as necessary. In such a system lacking a conveniently available keyboard, a user would be unable to successfully access information because of the inability to enter authentication information into the system.
In the traditional method of gaining access to a private account, a user typically enters a password via a keyboard. A password that has a higher level of security (i.e., a completely random string of characters that is not otherwise associated with the user) is typically difficult to remember. Thus, the user often forgets the password and must expend effort in having the password reset, obtaining the password from a system administrator, etc. To avoid this inconvenience, the user may select a password that is easy to remember, such as the user's date of birth. However, such passwords are easy to “crack” and provide very little security to the user. This defeats the purpose of having the security system in the first place. Thus, the typical computer user is caught in a dilemma of trying to maintain a high level of security while at the same time creating a password that the user can remember. Often, this balance is difficult to achieve. Therefore, a system and method for providing security is needed that is easy to use for the user with minimal demands on the user's memory while providing a high level of security against unauthorized users.
The above-noted issues associated with data input of security information, compromise of password security information or loss of security in computing systems can lead to user frustration. Accordingly, there is a need in the art for improved input of security information, e.g., for use with pen-based computing systems and in other situations where keyboards are inconvenient or unavailable.